Question

我在Terraform中有以下代码：

AspectFit

例如，我尝试了所有操作：

data "file" "policy" {
  count = "${length(var.s3_bucket_name)}"

  template = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": ["s3:ListAllMyBuckets"],
      "Resource": ["*"]
    },
    {
      "Effect": "Allow",
      "Action": ["s3:ListBucket"],
      "Resource": [
        "arn:aws:s3:::${var.s3_bucket_name[count.index]}", 
        "arn:aws:s3:::${var.s3_bucket_name[count.index]}/*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:ListBucket",
        "s3:ListObjects",
        "s3:GetObject"],
      "Resource": [
        "arn:aws:s3:::${var.s3_bucket_name[count.index]}", 
        "arn:aws:s3:::${var.s3_bucket_name[count.index]}/*"
      ]
    }
  ]
}
EOF
}

但是继续出现此错误： null_resource.s3_1（local-exec）：致命错误：调用ListObjects操作时发生错误（AccessDenied）：访问被拒绝

有人可以帮我弄清楚我在做什么错吗？

在Terrafrorm中拒绝对AWS Bucket的ListObjects访问

0 个答案: